[Owasp-appsensor-project] Additional Detection Points - Change to Environment Threat Level

John Melton jtmelton at gmail.com
Wed Jun 9 22:15:51 EDT 2010


I say no here for now ... I think this could be incredibly useful, but as
there's currently no concept of a tiered response level in appsensor, I
don't think this should be included until that concept exists.

On Wed, Jun 9, 2010 at 10:32 AM, Colin Watson <colin.watson at owasp.org>wrote:

> Suggestion to add a new detection point.  Has this already been ruled
> out?  Should it be added?  Is the description/categorization suitable?
>
> Source
> -----------------------------------
> Just another idea, but based on discussions about creating an Internet
> Threat Exposure (ITE) index by the UK Cybersecurity KTN in 2008.
>
> Description
> -----------------------------------
> The general threat level (e.g. general risk of attack from the
> Internet, or specific targetted attacks against an organisation) is
> elevated.  This could also be used to change response sensitivity due
> to short-term effects such as application upgrades/patching.  This
> input could be used to alter thresholds for AppSensor responses.
>
> Suggested categorization
> -----------------------------------
> In the suggested new category "Reputation" (see RP1 Suspicious User IP
> Address)
> RP5 Change to Environment Threat Level
> _______________________________________________
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-appsensor-project/attachments/20100609/e2d9706e/attachment.html 


More information about the Owasp-appsensor-project mailing list